Archives

Great Links

Disaster Recovery Options for Small/Medium Sized Businesses

This is the second of a series of articles, regarding disaster recovery for the small/medium sized businesses which are the typical customers of Made2Manage. All of these articles will be at a high level with links to more in depth articles where you can read about all the gory details.

What are we trying to protect against?

Server Failure or Database Corruption. M2M will tell you that database corruption is not a problem when you upgrade to SQL Server from VFP, but that is not so. SQL Server databases CAN have problems with data corruption. More on that in a future article.

Before considering a disaster recovery option, you must evaluate how important your data is to you. What is your data worth? The backup and recovery plan should reflect this as you don’t want to spend a fortune on backup systems for data that isn’t worth much. With that in mind, let’s consider the following options for backup and recovery.

Common Options

Option 1 – Backup to another server in your building.Advantages:

You can restore quickly.

It’s very cheap.

It’s relatively secure because someone would need access to the building in order to access your backups.

Disadvantages:

There are numerous disadvantages, but the primary is that it doesn’t protect against any of the scenarios above. Sure, you’re fine if one server fails. What happens if both fail? This may seem unlikely but they could both fail due to an electrical disturbance and you would be absolutely, completely out of luck.

Further, if someone is able to maliciously delete your primary data, it wouldn’t be hard for them to delete your backups on the other server. Smaller companies that use M2M are notoriously lacking in security. What happens if a system administrator becomes disgruntled and takes the server down as well as the backups? In my opinion, it is unwise to give complete control of the data to any one person. I think if you asked owners of the now defunct JournalSpace or the City Government of San Francisco, they’d agree with me.

If something happens to the building, like a prehistoric fire breathing lizard stomps it, everything is inside.

So, if you want to be safe, it’s obvious that you need off site backups. There are a few ways that people do this. This brings us to….

Option 2 – Using tapes or some other media for backups and getting them off site.Advantages

This option can be relatively inexpensive.

You can keep a copy of the data on another computer in the building (for speed) as well as an off-site back up (for security).

Since the media is physical, it can be brought anywhere in a crisis to be set up relatively quickly. You don’t have to wait for a long internet download.

Disadvantages

It’s more expensive if you pay for the media to be couriered to a secure location. An employee could technically take the data off site, but are you encrypting the backups? As we’ll learn in the next article, Standard SQL Server backups are not encrypted unless you’re using a 3rd party application. What happens if someone steals them from your home or car?

Further, who wants that responsibility and are most people really going to remember to do it every single day? What about sick days or vacations?

Backup media can be unreliable.

Quality backup media is not exactly cheap either. Depending on how long you need to archive your data, you may need a prohibitive number of backup tapes.

Option 3 – Online Back UpAdvantages

Some of these data centers are deep underground and exceedingly secure.

After they are set up, they can be absolutely no fuss.

Disadvantages

How long is it going to take to restore your data from the internet?

What happens if the internet is unavailable? If there is a natural disaster, it could be weeks before you have access to the net again.

The costs of this option can really add up. You are typically charged for all data transferred as well as the space used to house your backups. When figuring cost, remember that you are going to keep multiple copies of your databases, and depending on how far back you need to retain, this can get prohibitively expensive.

Backups are not typically encrypted. Are you using SSL encryption when transferring your data over the internet?

If your databases are of decent size, I would recommend you invest in a tool like Quest LiteSpeed or RedGate’s SQL Backup. This is especially important considering the costs of online backup. They allow encryption and can compress your backups which will save you serious money in the long run.

As I said in the last article, even if you have a bullet proof backup strategy, it’s meaningless if your backups will not restore. If you are using tape backup, make sure to restore from tape, not from the backup file still held on your server. Do this with your online backup as well if you choose that method. You should definitely know how long it takes to download your 10 GB backup file from off-site.

I’ve deliberately omitted options such as SQL Server Clustering and Replication because they aren’t feasible for the vast majority of companies using M2M. As I mentioned above we’ll discuss backup encryption in the next article in the series.

I just use windows backup. simple and free and it seems to work fine.
I do a full backup on the weekend and differential* backups every night to a hard drive in another building.
Once/week I do a full backup to tape that i keep at home.
I backup M2M fully every night at 5:30 in case a T storm hits.
I test restore often.

[…] How long should I keep backups? I hate to keep echoing questions back at you, but how long do you need them? A couple of the companies I do business with keep their full database backups almost a year. However, they move them to tape every day and only have one or two copies internally. Read further about backup options for details. […]

I know it’s an old thread, but new advances in cloud provide another option for disaster recovery:

– put your production ERP in a secure hosting site (with a reputable datacenter). You can access everything from any office over Microsoft’s terminal server or Citrix XenApp, often with better performance than on-premise.

– DR site can be your old server(s) on-premise. You can use replica (in WinServer2012R2) to replicate your database every 5 minutes to your own site if you wish.

Benefits: safer and higher availability. If the datacenter were to be blown up, your disaster recovery is already in place and ready to go, albeit at sligthly degraded performance (for most of us)